A cryptographic protocol makes use of an encryption key or an authentication key (hereinafter, collectively referred to as “encryption key”), and implements the functions of confidentiality and authentication. A cryptographic protocol needs to make use of an encryption key that is generated in a confidential manner. As a method of enhancing the confidentiality of an encryption key, a method is known by which the encryption key is generated with the use of a physically unclonable function (PUF).
A physically unclonable function outputs a device-specific value from the same input. An encryption key generated with the use of a physically unclonable function is difficult to clone in an external device. For that reason, a physically unclonable function is receiving attention as the elemental technology in key generation and authentication. Even when an encryption key is generated with the use of a physically unclonable function, it is still necessary to ensure that the encryption key is generated in an efficient fashion.